密码
计算机科学
密码破解
密码强度
S/键
过程(计算)
认知密码
相似性(几何)
计算机安全
弦(物理)
一次性密码
人工智能
程序设计语言
数学
图像(数学)
数学物理
作者
Erqiang Zhou,Yejian Peng,Guanghui Shao,Fuhu Deng,Yurun Miao,Wulong Fan
标识
DOI:10.1016/j.future.2023.09.013
摘要
Textual password is one of the most important authentic means used in modern information systems and password cracking is an important means of measuring password strength. Recently, data-driven approaches are proposed in order to improve the efficiency and accuracy of the password guessing process. These methods usually train a model based on leaked password datasets so as to capture the internal patterns hidden behind the human created passwords, and most of them focus on the relationships between characters within a password. In this article, we emphasizes that the character relations between passwords need also to be considered. We treat a password as a sequence of chunks or segments, which is a small sub-string of the password and appears frequently in a password dataset. Instead of modeling the relations of chunks within a password, we proposed a method, which selects a seed password from a training set, breaks the seed password into chunks, and then generates new passwords by choosing a chunk and replacing it with another one according to their similarities. Several experiments are conducted on three password datasets so as to evaluate different aspects of the proposed approach. The results show that the proposed method is comparable with the state of the art approaches, such as PassGAN, DPG, FLA and PCFG v4.3, which is the latest version of PCFG. The results also revealed that chunk level relations between passwords play an important role in the process of password creation.
科研通智能强力驱动
Strongly Powered by AbleSci AI